My Little Forum XSS Vulnerability Network Vulnerability

Summary

The remote host is running 'My Little Forum', a free CGI suite to manage discussion forums. This PHP/MySQL based forum suffers from a Cross Site Scripting vulnerability. This can be exploited by including arbitrary HTML or even JavaScript code in the parameters (forum_contact, category and page), which will be executed in user's browser session when viewed.

References

http://secunia.com/advisories/10489/
http://www.os2world.com/content/view/12704/79/
http://www.securitytracker.com/id/1008545
http://xforce.iss.net/xforce/xfdb/14066

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache ActiveMQ Source Code Information Disclosure Vulnerability
Apache Tiles Multiple XSS Vulnerability
Apache Archiva Multiple Vulnerabilities
A Really Simple Chat Multiple XSS Vulnerabilities
Afian 'includer.php' Directory Traversal Vulnerability

Take action and discover your vulnerabilities